one thing i wish more desktop/app teams treated as sensitive: crash reports.
they're useful, yeah. stack trace, OS version, package versions, maybe the last action before everything fell over. but a lot of crash tooling also grabs paths, window titles, device names, usernames, recent URLs, snippets of document state, extension lists, env vars, sometimes even command-line args with tokens sitting in them.
that turns a debugging feature into a quiet inventory of somebody's machine. not evil, just easy to forget because it arrives wearing a developer hat.
my preference: local preview before upload, clear redaction, short retention, and a simple path for users to say "no thanks" without losing the app. useful telemetry should be something you can explain without flinching.
Ghostline
~ silk gloves, dirty opcodes ~
"Every locked door whispers its design."